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Method and apparatus for protection of data on an integrated circuit by using memory cells to 
detect tampering. 



A method and apparatus protects data on an integrated circuit to prevent 
disclosure of information from the card when an error or modification has been detected or 
reprogramming. 



A smart card is a card similar in size to a typical credit card; however, it has a 
chip embedded in it. By adding a chip to the card, the smart card acquires power to serve 
many different uses including access-control and value exchange. A smart card may be used to 
store valuable information such as private keys, account numbers, passwords, or valuable 
10 personal information. Additionally, it permits performance of processes that are to be kept 
private, such as performing a public key or private key encryption. 

An integrated circuit chip in the card typically allows protection of information 
being stored from damage or theft since, unlike magnetic stripe cards which carry information 
on the outside of the card, the information is internal. However, integrated circuits, particularly 
1 5 when used in smart cards, may allow release of information when an error is intentionally 
introduced through such methods as radiating or microwaving the smart card. 

A smart card may generally include a processor such as an 8051 by Intel 
company for processing, a decrypter/encrypter using such technology as RS A, and a memory 
storing a key for use by the decrypter/encrypter although "memory cards" may include only 
20 memory. 

A study by Bellcore has concluded that microwaving a smart card can produce 
a soft error in the decrypter/encrypter or memory as reported in "Smart Card Insecurity: 
Bellcore Advisory", IAC Newsletter DB, Sept. 30, 1996; Edge Publishing. By looking at the 
answer released by the smart card, one can analyze the released answer and based on that 
25 answer, determine the key stored in the memory, thus allowing access to private information. 



The present invention provides a tampering check to prevent tampering of the 
integrated circuit. The present invention checks "canaries" such as registers, to determine if 
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they are "alive", i.e., producing a respective predetermined value. If the values from the 
"canaries" are not the respective predetermined values or comparison results are not as 
predetermined, information is not released from the smart card. 



and 



invention. 



Figure 1 illustrates an example of a smart card including the present invention; 
Figure 2 illustrates an example of a smart card including a second embodiment 



Figure 1 illustrates a general layout of a smart card. Specifically, a smart card 
100 may typically include cells such as a processor, for example, an Intel 8051 processor 102, 
a decrypter/encrypter using such technology as RSA 104, and a memory element storing a key 
1 5 such as a private key 106. Additionally, "canaries" or memory elements such as register 

elements, buffers, flip flops or memories such as SRAMS, E 2 cells 108 or other types of cells 
comparable to the cell concerned about being "hit" with radiation, etc., are physically 
distributed over the smart card to insure complete coverage and protection of the entire smart 

card. '-v 

20 The "canaries" should preferably be more sensitive than other cells so as to \ 

prevent corruption of only the "canaries" although "canaries" as sensitive as the other cells J /^T 
would also allow detection of tampering. 

In one embodiment, the "canaries" are set to respective known states. The 
memory which holds the key, also holds reference values which are the same values as the 
25 respective known states. The known states can be the same value or different values for each 
of the "canaries" or a subset of the "canaries". The values can be prestored or can be calculated 
based on the key stored in the smart card memory. 

When a user attempts to use the smart card and retrieve an output, a comparison 
is performed between each of the "canary" known states and their respective reference values 
30 stored in the memory. 

A comparator present in the processor 102, or as a separate element 1 10, 
compares the state of the "canary" with the respective reference value for that "canary", 
producing a comparison result which is, if the comparator is a separate element, provided to 
the processor 102. The processor 102 takes the comparison result and using software, releases 
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the output or prevents release of the output. Alternatively, hardware 1 14 could be added to the 
output of the processor 102 to allow or prevent release of the output based on the comparison- 
result. If the values match, output from the smart card is released externally. If the values do 
not match, the output is not released externally. 



(set all bits to one) when one tampers with the integrated circuit. Thus, the comparator could 
check if each memory element is zeroed or set and bar release of information if either 
condition occurs. 

Outputs from the "canaries" can also be compared against each other and 
10 checked that they are the same number, be added (or perform some other function) and 
compared to a prespecified number, or check that each is a prespecified number. 

A known constant built into the comparator, should be of such quality that it is 
not affected by the radiation or other external influences. Indeed, any element providing a 
reference value or prespecified function, etc. should be of such quality that it is not affected by 
1 5 the radiation or other external influences. 

Alternatively, the number of comparators may be varied or may be used in 
various combinations to insure that the smart card has not be affected by radiation or other 
tampering. One such example is shown in Figure 2. 

Another alternative would have the canary outputs programmable with a preset 
20 pattern to randomize the output and protect against tampering. 

As can now be readily appreciated, the invention allows detection of tampering 
of an integrated circuit. The invention may be included in a subsystem or may be a separate 
subsystem. One skilled in the art may easily use differing numbers of "canaries" or have each 
"canary" output more than one value. Additional modifications may easily be made by one 
25 skilled in the art. 

Moreover, the present invention may be used on smart cards having only 
memory and no processor. The output of the canaries could be checked by a comparator in one 
of the methods or a method similar to those detailed above, and the output from the memory 
could be enabled or disabled based on the output of the comparator. 
30 It will thus be seen that the objects set forth above among those made apparent 

from the preceding description, are efficiently attained and, since certain changes may be 
made in the above constructions without departing from the spirit and scope of the invention, 
it is intended that all matter contained in the above description or shown in the accompanying 
drawings shall be interpreted as illustrative and not limiting sense. 
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Additionally, often memory elements will "zero" (set all bits to zero) or "set' 
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It is also to be understood that the following claims are intended to cover all of 
the generic and specific features of the invention herein described and all statements of the - 
scope of the invention which, as a matter of language, might be said to fall therebetween. 



WO 99/35554 PCT/IB98/01 969 



CLAIMS: 



1 . A smart card comprising: 

• a memory ( 1 06) storing a key; 

• an encrypter/decrypter (104) for encrypting information supplied by the smart card and 
decrypting information received by the smart card using the key; 

5 • a plurality of memory elements ( 1 08), each memory element ( 1 08) storing a respective 
preset value; and 

• a comparator (110) for comparing the respective value of each memory element ( 1 08) with 
a reference value from said memory (106), said comparator (110) barring information from 
being supplied if any of the respective values of the memory elements (108) does not 



1 0 match the respective reference value. 

2. A smart card comprising: 

• a memory (1 06) storing information; 

• at least one memory element (108), each memory element (108) storing a respective preset 
15 value; and 



• at least one comparator (110) for comparing respective values of each memory element 
(108) in a preset manner to acquire at least one comparison result to produce an enabling 
signal, said enabling signal barring information from being supplied if any of the at least 
one comparison results does not match an at least one respective reference value. 

20 

3. A smart card as recited in Claim 2, wherein at least one of said at least one 
memory elements (108) is a programmable memory. 

4. A method for preventing a smart card from providing information if the smart 
25 card has been tampered with, said method comprising the steps of: 

• setting at least one memory element (108) to a preset value; 

• comparing each respective set value of said at least one memory element (1 08) to a 
respective reference value; 

• producing a comparison result based on said comparing; and 
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enabling or disabling output of information from said smart card based on said comparison 
result. 
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